1RU (or 2RU) computer for PFSense
-
PFsense:
I am wanting to build a reliable 1RU machine to run PFSense. I need it to have two reliable NIC's (one WAN and one LAN). I am looking to do some pretty basic things with this machine. The most intense probably being VPN which will only happen once in a while and when it does itll be one person at a time using the VPN connection. I have a budget of ~300. If it has to be above this then it can but would like to stick to around that range. Please let me know what hardware you guys suggest! Thank you!
-
Rackmount for that budget is goind to be hard unless you get a refurbished 1U server.
-
Whats a realistic price for a good Rackmount unit? That kind of why I was saying a 2ru if it had to be, thought that would make it a bit cheaper possibly. I seen this one:
http://www.idotpc.com/TheStore/pc/viewPrd.asp?idproduct=1024&idcategory=105
but it only has an atom processor in it. Which im not totally opposed to but would just get better if its not much more.
What is a realistic price for a 1RU (or 2RU if need be) build?
-
Go for a 2U rack unit rather than 1U. Couple of reasons for it.
1. 1U is hard to keep cool. You will need faster louder fans running at fast speeds. 2U gives good room to breathe and better air flow.
2. With 1U you would need to use fanless heat sinks. I am not opposed to them (hey I have a 1U myself with fanless heat sinks) but the CPU runs hotter as the heat dissipates much slower. With 2U the fan is on the heat sink.. factory one is just fine.. no need for any mods.
3. 1U PSUs are more expensive
4. With 1U your expansion options are extremely limited unless you are looking at server grade equipment. With 2U you can lots of expansion options with room to spare.
5. 1Us may be mostly mini-ITX boards.. unless server grade. 2Us can have mini-ITX, micro-ATX mobos as well
-
PFsense:
I am wanting to build a reliable 1RU machine to run PFSense. I need it to have two reliable NIC's (one WAN and one LAN). I am looking to do some pretty basic things with this machine. The most intense probably being VPN which will only happen once in a while and when it does itll be one person at a time using the VPN connection. I have a budget of ~300. If it has to be above this then it can but would like to stick to around that range. Please let me know what hardware you guys suggest! Thank you!
For $300 you're either looking at an Atom or at eBay. What kind of throughput do you need (particularly, over a VPN tunnel)? What packages are you looking at?
-
what about a firebox? 1U cheap on ebay and will handle VPN
-
Thats why I was kind of thinking the 2U also since it would ultimately be cheaper in the end. Throughput…well that would be limited to the person connected to it since I am at a location with 1gig down/up. Ultimately it would be nice to throughput the VPN connection along with some IPTV streams at some point. So the faster the better really. It would be nice not to have to worry about changing it out for while.
I was thinking about a firebox but just know they have issues every once in a while and will freeze up. I need this box to be very reliable and ultimately should have two running for backup.
-
"what about a firebox? 1U cheap on ebay and will handle VPN"
You like tinkering? looking for a new full time hobby?
-
Thats why I was kind of thinking the 2U also since it would ultimately be cheaper in the end. Throughput…well that would be limited to the person connected to it since I am at a location with 1gig down/up. Ultimately it would be nice to throughput the VPN connection along with some IPTV streams at some point. So the faster the better really. It would be nice not to have to worry about changing it out for while.
I was thinking about a firebox but just know they have issues every once in a while and will freeze up. I need this box to be very reliable and ultimately should have two running for backup.
An Atom will choke on that, even just with straight FW+NAT.
You should head to eBay. Try and find a system which supports AES-NI (aside from a few specialty chips, this means all recent Intel Xeon, i5, and i7 CPUs, as well as some AMD CPUs, not sure of the models on those). I don't believe it's working 100% in pfSense 2.1 (based on a quick forum search), but once it does, it should help with the VPN offload. Something like that will be a tough pull at $300 though, so you may have to make a decision on whether the budget or the throughput is more important.
-
what about a firebox? 1U cheap on ebay and will handle VPN
Usually me suggesting that. :)
Only the xtm5 will get 1Gbps throughput and they don't appear on ebay very often or very cheaply. However if you did find one they are completely stable. Only the oldest (x-core) firebox has ongoing driver issues.Steve
-
This is for a work environment if I forgot to mention that and thats why its needs to be up and running pretty solid that being said it there will be two separate networks at the company. Obviously reliability always wanted. I have a x500 at my house and it seems to be running fairly well it has been only running for 2 weeks though. Either way I figured with dedicated If I did a 2ru, sounds like that would be the cheapest yet but is there anything in particular that I should be looking for in the motherboard (ex Intel NIC's opposed to Realtek, etc) and processor? Would an i3 suffice?
-
You didn't state for how much users it needed to be, but for basic functionality (even with VPN, multiple WAN or policy based routing requirements) the following should do: http://www.applianceshop.eu/index.php/opnsense-rack-edition-pfsense-appliance.html
(hint: that's an Alix 2D13 in a rack ;) Reliable hardware, well supported, close to your budget, however no Gb nics…)
If you can get your hands on a firebox e550/750/1250 (or even a ssl core) they all run fine, and if you follow StephenW10's instructions you should be able to get that up&running in a couple of hours... If you buy bare parts, you need the time as well in assembling.
Just my 2 cents. Good luck hunting. -
So lets just make a 2RU firewall box. I have the budget upto $500. Could you buys give me hardware recommendations? (Case, Mobo, CPU, RAM, PSU, etc) Please let me know, thanks!
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
I see you are paying a lot more for a server board (C206) but using regular ram. That cpu also has no aes-ni which you can do cheaper with haswell i3s, not sure if that platform is too new for even 2.1 though.
If you do want ECC, there are better supermicro models.To be honest the easiest way to get reliable intel server nics is $25 for a dual port on fleabay and they also come low profile, instead of paying extra for onboard versions. ($75~100 for LP quads)
Any chance you live near a microcenter? There are a couple nice cpu+board options, $90 S1155 and S1150 uATX boards with intel nics. (DH77EB w/ 82579V and H87M Pro4 w/ i217V respectively)
If haswell works on 2.1 this will get you aes-ni with the same clockspeed:
i3 4130 http://www.newegg.com/Product/Product.aspx?Item=N82E16819116946
http://www.newegg.com/Product/Product.aspx?Item=N82E16813157384 -
This will do what you want forever! http://www.ebay.com/itm/IBM-X3650-3-5-2U-Server-2x-2-5GHz-Quad-Core-16GB-4-x-73GB-15K-DVD-Rail-Kit-/331006101690?pt=COMP_EN_Servers&hash=item4d118048ba
-
This will do what you want forever! http://www.ebay.com/itm/IBM-X3650-3-5-2U-Server-2x-2-5GHz-Quad-Core-16GB-4-x-73GB-15K-DVD-Rail-Kit-/331006101690?pt=COMP_EN_Servers&hash=item4d118048ba
I totally agree with you on that but my company is wanting us to buy all new stuff. The other box that I was looking at is this:
http://www.ebay.com/itm/221280755944?ssPageName=STRK:MEWAX:IT&_trksid=p3984.m1423.l2649But they seem adamant about only getting brand new.
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
I see you are paying a lot more for a server board (C206) but using regular ram. That cpu also has no aes-ni which you can do cheaper with haswell i3s, not sure if that platform is too new for even 2.1 though.
If you do want ECC, there are better supermicro models.To be honest the easiest way to get reliable intel server nics is $25 for a dual port on fleabay and they also come low profile, instead of paying extra for onboard versions. ($75~100 for LP quads)
Any chance you live near a microcenter? There are a couple nice cpu+board options, $90 S1155 and S1150 uATX boards with intel nics. (DH77EB w/ 82579V and H87M Pro4 w/ i217V respectively)
If haswell works on 2.1 this will get you aes-ni with the same clockspeed:
i3 4130 http://www.newegg.com/Product/Product.aspx?Item=N82E16819116946
http://www.newegg.com/Product/Product.aspx?Item=N82E16813157384Is there a chance that I could get a good NIC on newegg? I live in a pretty remote area, so no microcenter around here. Dont mind spending the money for a intel server nic if that would be much more reliable. Do you have a suggestion on RAM, or just any good server RAM will do?